Insecure Password Reset Tokens in Magento CE and EE

Insecure Password Reset Tokens in Magento CE and EE

CVE-2015-8707 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Password reset tokens in Magento CE before 1.9.2.2, and Magento EE before 1.14.2.2 are passed via a GET request and not canceled after use, which allows remote attackers to obtain user passwords via a crafted external service with access to the referrer field.

Learn more about our External Network Penetration Testing.